Stop VBS Attack

Discussion in 'other software & services' started by Shunned, Mar 14, 2004.

Thread Status:
Not open for further replies.
  1. Shunned

    Shunned Guest

    Stop a VBS (Visual Basic Script) attack in it's tracks with this tip

    Discovered this on a News Group. Not my tip, but it is a good one.

    Most users rarely need to run Visual Basic, so here's an easy way to block viruses that rely on scripts. Using Notepad, create a text file called TEMP.VBS and save it to the Desktop. Hold down the Shift key, right-click on the new icon, select "Open with," and click Notepad. Finally, check "Always use this program to open this type of file." Now, if you try to open a potentially dangerous attachment, it opens in Notepad and doesn't run. If you need to run the script, save it to your computer, then drag and drop it onto Internet Explorer.
     
  2. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    Yes indeed, a good tip Shunned. It definitely prevents accidental double-click executions of such files. I've had that and a couple other files set to open in Notepad for a while now.

    I have .REG files also set this way. It's just in case I'm carelessly clicking my way around someday. :doubt: When I want to actually merge a REG file into the registry, I can still right-click on it and choose the merge action, the same way people could still right-click on a safe .VBS when set like you've got it, and decide to run it rather than open in Notepad.

    I like these kind of tweaks. They aren't the end-all of security, but they can help prevent accidents. :)
     
  3. Shunned

    Shunned Guest

    Posted with request to experience users for their opinion: Pieter...LowWaterMark..others


    If the above tip works..an it does...then what about this:

    Using the above instructions make a temp.zip folder..(same as above) an once the zip file is in the folder use a program like lets say WinZip to make the ZIP file an EXE file...then scan it with your anti-virus program and Trogan scanner.........
     
  4. Shunned

    Shunned Guest

    LWM..

    You are one person I just knew would have that tweak LOL

    Any comments on the second suggestion??
     
  5. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    I'm not totally sure I follow... Is it that you'd want that setup to convert future ZIPs to EXE files and then scan AV/AT them? If that's it, the problem is that self-extracting archives (zips in EXE format, as an example) are really still archives. If your AV couldn't scan inside ZIP files, it isn't going to do any better against self-extracting EXE based archives.

    In fact, I think you are a little safer with a piece of possible malware in a real .ZIP, which can't do anything on it's own. An extractor version could unzip itself if double-clicked. While that doesn't run the file in question, it does remove it from the archive where there is now a greater chance that you could accidentally run it. :doubt:
     
  6. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    :D I admit it, I'm a tweak junkie. Long before I got here to Wilders, I was always on all those tweak sites. Tune your dialup settings. Adjust the default actions. Raise your cache. Change your pagefile. And so on, and so forth...

    Though I'm not sure they amounted to that much, it was an interesting hobby. :D
     
  7. Shunned

    Shunned Guest

    LWM

    Ah yes..you are much correct...I had not considered the point you presented...thank you.
    Now this is the way it should always be...people sharing ideas...finding solutions,, TOGETHER!!
    You experienced comments have been a real pleasure.
     
  8. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Changing file-associations. This is the same principle ScriptSentry is based on.

    Like LWM I have an umph-load of regfiles. Some good, some bad and some which would do nothing on my OS, but like my tutor always said: If you want to merge a recepy for tomato-soup to the registry, all you need to do is put REGEDIT4 in front of it. :D

    I like having to think twice, because my fingers tend to do the thinking for the first click sometimes. ;)

    Regards,

    Pieter
     
  9. Shunned

    Shunned Guest

    Pieter....good morning...an the best of day to ya.

    Ah yes, SS..fine program....oh how many time has my right finger not been in tune with my brian....an one of my programs gets zapped ....LOL,,,,just days ago I zapped a 54 mb program.....was download an hit cancel in stead of close.oooooooooooh
    There are so many fancy new programs these days. Many of which do no more than duplicate older programs already out there for many years...Script Sentry and Script Defender are old timies that saved many a weary computer.
     
Loading...
Thread Status:
Not open for further replies.